Mobile Application Monitoring

2013 32nd International Conference of the Chilean Computer Science Society (SCCC) Pub Date : 2013-11-01 DOI:10.1109/SCCC.2013.16

Sebastian Vasquez, J. Simmonds

{"title":"Mobile Application Monitoring","authors":"Sebastian Vasquez, J. Simmonds","doi":"10.1109/SCCC.2013.16","DOIUrl":null,"url":null,"abstract":"To date, there are more than 800.000 applications available on each of the two largest mobile application markets (Google Play and Apple App Store), each reporting around 40 billion downloads in total. At this scale, it is impossible to analyze each application for malware behavior before making them available for download. Vendors mostly rely on user feedback to remove malware from their marketplaces, so it can take a while for these applications to be removed. In practice, users must be very careful when picking which applications to install. Moreover, it can be hard to detect a malware application once it is installed, unless the application has noticeable side-effects. To improve this situation, we propose a framework for performing runtime monitoring of mobile applications against behavioral correctness properties. These properties specify forbidden and desired interactions between applications and the phone's resources as sequences of events. The user can then determine which applications to uninstall based on which properties they violate. We have implemented a prototype of this framework for the Android operating system. In this first version of the framework, the user must specify the properties to be monitored directly as automata.","PeriodicalId":182181,"journal":{"name":"2013 32nd International Conference of the Chilean Computer Science Society (SCCC)","volume":"14 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 32nd International Conference of the Chilean Computer Science Society (SCCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SCCC.2013.16","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

To date, there are more than 800.000 applications available on each of the two largest mobile application markets (Google Play and Apple App Store), each reporting around 40 billion downloads in total. At this scale, it is impossible to analyze each application for malware behavior before making them available for download. Vendors mostly rely on user feedback to remove malware from their marketplaces, so it can take a while for these applications to be removed. In practice, users must be very careful when picking which applications to install. Moreover, it can be hard to detect a malware application once it is installed, unless the application has noticeable side-effects. To improve this situation, we propose a framework for performing runtime monitoring of mobile applications against behavioral correctness properties. These properties specify forbidden and desired interactions between applications and the phone's resources as sequences of events. The user can then determine which applications to uninstall based on which properties they violate. We have implemented a prototype of this framework for the Android operating system. In this first version of the framework, the user must specify the properties to be monitored directly as automata.

查看原文本刊更多论文

移动应用监控

到目前为止，两大手机应用市场(Google Play和Apple App Store)上都有超过80万款应用，它们的总下载量都在400亿次左右。在这种规模下，不可能在下载之前分析每个应用程序的恶意软件行为。供应商主要依靠用户反馈从他们的市场中删除恶意软件，所以这些应用程序可能需要一段时间才能被删除。在实践中，用户在选择安装哪些应用程序时必须非常小心。此外，一旦安装了恶意软件应用程序，就很难检测到它，除非该应用程序具有明显的副作用。为了改善这种情况，我们提出了一个框架，用于针对行为正确性属性执行移动应用程序的运行时监控。这些属性将应用程序和手机资源之间禁止的和期望的交互指定为事件序列。然后，用户可以根据哪些应用程序违反了哪些属性来决定卸载哪些应用程序。我们已经在Android操作系统上实现了这个框架的原型。在框架的第一个版本中，用户必须指定要作为自动机直接监视的属性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 32nd International Conference of the Chilean Computer Science Society (SCCC)

自引率

0.00%

发文量